23070 matches found
JLSEC-2025-102 In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU v...
In FFmpeg 3.2 and 4.1, a denial of service in the subtitle decoder allows attackers to hog the CPU via a crafted video file in Matroska format, because ff_htmlmarkup_to_ass in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
JLSEC-2025-103 A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU vi...
A denial of service in the subtitle decoder in FFmpeg 3.2 and 4.1 allows attackers to hog the CPU via a crafted video file in Matroska format, because handle_open_brace in libavcodec/htmlsubtitles.c has a complex format argument to sscanf...
JLSEC-2025-148 A flaw was found in FFmpeg
A flaw was found in FFmpeg. This vulnerability allows unexpected additional CPU load and storage consumption, potentially leading to degraded performance or denial of service via the demuxing of arbitrary data as XBIN-formatted data without proper format validation...
vulnlog-poc
Vulnlog Proof of Concepts YAML and JSON Schema PoC - y...
box-bin (=0.3.1), box-format (>=0.3.0 <=0.3.3) +11 more potentially affected by unknown CVE via unic-normal (>=0.1.2 <=0.9.0)
unic-normal CARGO version =0.1.2, =0.3.0, =0.2.4-beta, =0.1.0, =0.3.0, =0.3.0, =0.1.0, =0.3.0, =0.5.0, =0.7.0, =0.1.1, =0.9.0 Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2025-0082...
EUVD-2025-34911
An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file...
CVE-2025-11896
In Xpdf 4.05 and earlier, a PDF object loop in a CMap, via the "UseCMap" entry, leads to infinite recursion and a stack overflow...
CVE-2025-11568
A data corruption vulnerability has been identified in the luksmeta utility when used with the LUKS1 disk encryption format. An attacker with the necessary permissions can exploit this flaw by writing a large amount of metadata to an encrypted device. The utility fails to correctly validate the...
EUVD-2021-34646
In the Linux kernel, the following vulnerability has been resolved: drm/plane: Move range check for format_count earlier. While the check for format_count > 64 in __drm_universal_plane_init() shouldn't be hit (it's a WARN_ON), in its current position it will then leak the plane->format_types array and fail to cal...
Malicious Package
Overview pretty-format-setting is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Malicious code in pretty-format-setting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98ad5e7fdf5539b67cf7d13f5634890ff9db4c4ef4eafed348b91d26b8a6982d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-48319 Malicious code in pretty-format-setting (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 98ad5e7fdf5539b67cf7d13f5634890ff9db4c4ef4eafed348b91d26b8a6982d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Vlang-Pentest-Framework
Vlang Pentest Framework...
OESA-2025-2404 libtiff security update
This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libtiff...
OESA-2025-2403 libtiff security update
This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libtiff...
OESA-2025-2401 libtiff security update
This provides support for the Tag Image File Format (TIFF), a widely used format for storing image data. The latest version of the TIFF specification is available on-line in several different formats. And contains command-line programs for manipulating TIFF format image files using the libtiff...
rardecode: DoS risk due to unrestricted RAR dictionary sizes
rardecode versions <= 2.1.1 fail to restrict the dictionary size when reading large RAR dictionary sizes, which allows an attacker to provide a specially crafted RAR file and cause Denial of Service via an Out Of Memory Crash...
CVE-2025-61862
An out-of-bounds read vulnerability exists in VS6ComFile!get_ovlp_element_size of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution...
CVE-2025-61863
CVE-2025-61863 describes an out-of-bounds read vulnerability in the VS6ComFile component of Fuji Electric V-SFT, specifically in CSaveData::delete_mem. Affected versions are V-SFT up to 6.2.7.0 and earlier. The issue can cause information disclosure, abnormal termination (ABEND), and arbitrary co...
ALSA-2025:17675 Important: compat-libtiff3 security update
The libtiff3 package provides libtiff 3, an older version of libtiff library for manipulating TIFF (Tagged Image File Format) image format files. This version should be used only if you are unable to use the current version of libtiff. Security Fixes: libtiff: Libtiff Write-What-Where (CVE-2025-9900)...